maevsi · huzaifaedhi22 · May 22, 2025 · May 25, 2025 · May 26, 2025 · May 26, 2025
diff --git a/src/development/certificates/mkcert.sh b/src/development/certificates/mkcert.sh
@@ -29,13 +29,15 @@ done
 
 create "root"
 create "traefik" \
-    `# adminer` "adminer.localhost" \
-    `# grafana` "grafana.localhost" \
-    `# minio` "minio.localhost" \
-    `# portainer` "portainer.localhost" \
-    `# postgraphile` "postgraphile.localhost" \
-    `# prometheus` "prometheus.localhost" \
-    `# redpanda` "redpanda.localhost" \
-    `# traefik` "traefik.localhost" \
-    `# tusd` "tusd.localhost" \
-    `# vibetype` "localhost" "www.localhost" "127.0.0.1" "0.0.0.0"
+    "adminer.localhost" \
+    "grafana.localhost" \
+    "minio.localhost" \
+    "portainer.localhost" \
+    "postgraphile.localhost" \
+    "prometheus.localhost" \
+    "redpanda.localhost" \
+    "traefik.localhost" \
+    "tusd.localhost" \
+    "zammad.localhost" \
+    "localhost" "www.localhost" "127.0.0.1" "0.0.0.0"
+
diff --git a/src/development/secrets/postgres/role_service_zammad_password.secret b/src/development/secrets/postgres/role_service_zammad_password.secret
@@ -0,0 +1 @@
+zammad
diff --git a/src/development/secrets/postgres/role_service_zammad_password.secret.template b/src/development/secrets/postgres/role_service_zammad_password.secret.template
@@ -0,0 +1 @@
+<string>
diff --git a/src/development/secrets/postgres/role_service_zammad_username.secret b/src/development/secrets/postgres/role_service_zammad_username.secret
@@ -0,0 +1 @@
+zammad
diff --git a/src/development/secrets/postgres/role_service_zammad_username.secret.template b/src/development/secrets/postgres/role_service_zammad_username.secret.template
@@ -0,0 +1 @@
+<string>
diff --git a/src/development/stack.yml b/src/development/stack.yml
@@ -55,6 +55,12 @@ secrets:
   postgres_role_service_vibetype_username:
     # The `tusd` database role's password.
     file: ./secrets/postgres/role_service_vibetype_username.secret
+  postgres_role_service_zammad_password:
+    # The password of the customer service database role.
+    file: ./secrets/postgres/role_service_zammad_password.secret
+  postgres_role_service_zammad_username:
+    # The username of the customer service database role.
+    file: ./secrets/postgres/role_service_zammad_username.secret
   postgres_user:
     # The database's default user.
     file: ./secrets/postgres/user.secret
@@ -295,7 +301,7 @@ services:
       POSTGRES_DB_FILE: /run/secrets/postgres_db
       POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password
       POSTGRES_USER_FILE: /run/secrets/postgres_user
-    image: postgis/postgis:17-3.5-alpine
+    image: imresamu/postgis:17-3.5.2-alpine3.21
     ports: #DARGSTACK-REMOVE
       - 5432:5432 #DARGSTACK-REMOVE
     secrets:
@@ -344,6 +350,162 @@ services:
       - postgres_user
     volumes:
       - ../../../reccoom/:/srv/app/
+
+  zammad-elasticsearch:
+    image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.18.0}
-    image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.18.0}
+    image: bitnami/elasticsearch:8.18.0
-    image: bitnami/elasticsearch:${ELASTICSEARCH_VERSION:-8.18.0}
+    image: bitnami/elasticsearch:8.18.0
+    restart: always
+    volumes:
+      - zammad_elasticsearch_data:/usr/share/elasticsearch/data
+    environment:
+      - discovery.type=single-node
+
+  zammad-init:
+    image: zammad/zammad-docker-compose:latest
+    restart: on-failure
+    depends_on:
+      - postgres
+      - zammad-elasticsearch
+    volumes:
+      - zammad_storage:/opt/zammad/storage
+    environment:
+      - POSTGRESQL_DB_CREATE=false
+      - POSTGRESQL_HOST=postgres
+      - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER
+      - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS
+      - POSTGRESQL_DB=zammad
+      - ELASTICSEARCH_HOST=zammad-elasticsearch
+      - ELASTICSEARCH_PORT=9200
+      - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver
+      - ZAMMAD_WEBSOCKET_HOST=zammad-websocket
+      - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN}
+      - REDIS_URL=redis://zammad-redis:6379
+    secrets:
+      - source: postgres_role_service_zammad_username
+        target: POSTGRESQL_USER
+      - source: postgres_role_service_zammad_password
+        target: POSTGRESQL_PASS
+    command: ["zammad-init"]
+
+  zammad-railsserver:
+    image: zammad/zammad-docker-compose:latest
+    restart: always
+    depends_on:
+      - zammad-init
+    environment:
+      - POSTGRESQL_HOST=postgres
+      - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER
+      - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS
+      - POSTGRESQL_DB=zammad
+      - ELASTICSEARCH_HOST=zammad-elasticsearch
+      - ELASTICSEARCH_PORT=9200
+      - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver
+      - ZAMMAD_WEBSOCKET_HOST=zammad-websocket
+      - REDIS_URL=redis://zammad-redis:6379
+    secrets:
+      - source: postgres_role_service_zammad_username
+        target: POSTGRESQL_USER
+      - source: postgres_role_service_zammad_password
+        target: POSTGRESQL_PASS
+    volumes:
+      - zammad_storage:/opt/zammad/storage
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.zammad-railsserver.entryPoints=web
+        - traefik.http.routers.zammad-railsserver.middlewares=redirectscheme
+        - traefik.http.routers.zammad-railsserver.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`)
+        - traefik.http.routers.zammad-railsserver_secure.entryPoints=web-secure
+        - traefik.http.routers.zammad-railsserver_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/api`)
+        - traefik.http.routers.zammad-railsserver_secure.tls.options=mintls13@file
+        - traefik.http.services.zammad-railsserver.loadbalancer.server.port=3000
+    command: ["zammad-railsserver"]
+
+  zammad-scheduler:
+    image: zammad/zammad-docker-compose:latest
+    restart: always
+    depends_on:
+      - zammad-init
+    environment:
+      - POSTGRESQL_HOST=postgres
+      - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER
+      - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS
+      - POSTGRESQL_DB=zammad
+      - ELASTICSEARCH_HOST=zammad-elasticsearch
+      - ELASTICSEARCH_PORT=9200
+      - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver
+      - ZAMMAD_WEBSOCKET_HOST=zammad-websocket
+      - REDIS_URL=redis://zammad-redis:6379
+
+    secrets:
+      - source: postgres_role_service_zammad_username
+        target: POSTGRESQL_USER
+      - source: postgres_role_service_zammad_password
+        target: POSTGRESQL_PASS
+    command: ["zammad-scheduler"]
+
+  zammad-redis:
+    image: redis:7-alpine
+    restart: always
+
+  zammad-websocket:
+    image: zammad/zammad-docker-compose:latest
-    image: zammad/zammad-docker-compose:latest
+    image: zammad/zammad-docker-compose:6.5.0-85
-    image: zammad/zammad-docker-compose:latest
+    image: zammad/zammad-docker-compose:6.5.0-85
+    restart: always
+    depends_on:
+      - zammad-init
+    environment:
+      - POSTGRESQL_HOST=postgres
+      - POSTGRESQL_USER_FILE=/run/secrets/POSTGRESQL_USER
+      - POSTGRESQL_PASS_FILE=/run/secrets/POSTGRESQL_PASS
+      - POSTGRESQL_DB=zammad
+      - ELASTICSEARCH_HOST=zammad-elasticsearch
+      - ELASTICSEARCH_PORT=9200
+      - ZAMMAD_RAILSSERVER_HOST=zammad-railsserver
+      - ZAMMAD_WEBSOCKET_HOST=zammad-websocket
+      - REDIS_URL=redis://zammad-redis:6379
+    secrets:
+      - source: postgres_role_service_zammad_username
+        target: POSTGRESQL_USER
+      - source: postgres_role_service_zammad_password
+        target: POSTGRESQL_PASS
+    command: ["zammad-websocket"]
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.zammad-websocket.entryPoints=web
+        - traefik.http.routers.zammad-websocket.middlewares=redirectscheme
+        - traefik.http.routers.zammad-websocket.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/ws`)
+        - traefik.http.routers.zammad-websocket_secure.entryPoints=web-secure
+        - traefik.http.routers.zammad-websocket_secure.rule=Host(`zammad.${STACK_DOMAIN}`) && PathPrefix(`/ws`)
+        - traefik.http.routers.zammad-websocket_secure.tls.options=mintls13@file
+        - traefik.http.services.zammad-websocket.loadbalancer.server.port=6042
+
+  zammad-nginx:
+    image: zammad/zammad-docker-compose:latest
+    restart: always
+    depends_on:
+      - zammad-init
+      - zammad-railsserver
+      - zammad-websocket
+    environment:
+      - NGINX_SERVER_NAME=zammad.${STACK_DOMAIN}
+      - REDIS_URL=redis://zammad-redis:6379
+    volumes:
+      - zammad_storage:/opt/zammad/storage
+
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.zammad.rule=Host(`zammad.${STACK_DOMAIN}`)
+        - traefik.http.routers.zammad.entryPoints=web
+        - traefik.http.routers.zammad.middlewares=redirectscheme
+        - traefik.http.routers.zammad_secure.rule=Host(`zammad.${STACK_DOMAIN}`)
+        - traefik.http.routers.zammad_secure.entryPoints=web-secure
+        - traefik.http.routers.zammad_secure.tls=true
+        - traefik.http.routers.zammad_secure.tls.options=mintls13@file
+        - traefik.http.services.zammad.loadbalancer.server.port=80
+    command: ["zammad-nginx"]
+    command: ["sh", "-c", "sleep 60 && zammad-nginx"]
+
   redpanda:
     # You can access the event streaming platform's ui as described under `redpanda-console`.
     command:
@@ -390,6 +552,8 @@ services:
       - postgres_role_service_postgraphile_username
       - postgres_role_service_vibetype_password
       - postgres_role_service_vibetype_username
+      - postgres_role_service_zammad_username
+      - postgres_role_service_zammad_password
       - sqitch_target
     volumes:
       - ../../../sqitch/:/srv/app/
@@ -551,3 +715,5 @@ volumes:
   redpanda_data:
     # The message queue's data.
     {}
+  zammad_elasticsearch_data: {}
+  zammad_storage: {}
-  zammad_storage: {}
+  zammad_data: {}
-  zammad_storage: {}
+  zammad_data: {}